If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

2: If you run a database, check your database for users. Users in a db don't have to have a login, especially if they can connect through JDBC or ODBC-oriented applications (I think that's right).

A common mistake to 'lock out' a user was to do something like this:

Code:

#!/bin/sh
echo "You've been locked out. Deal."

Make this executable and put it as the user's shell. Problem is, it only works with telnet. FTP (back in the day) wouldn't check the shell. Now, ftp daemons check the shell of the user and sometimes, if it's not registered in /etc/shells or something similar, it won't let you in.

We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.